# The OWASP Brand must not be used in any materials that could mislead readers by narrowly interpreting a broad application security category. For example, a vendor product that can find or protect against forced browsing must not claim that they address all of the access control category.

# The OWASP Brand must not be used in any materials that could mislead readers by narrowly interpreting a broad application security category. For example, a vendor product that can find or protect against forced browsing must not claim that they address all of the access control category.

# The OWASP Brand may be used by special arrangement with The OWASP Foundation.

# The OWASP Brand may be used by special arrangement with The OWASP Foundation.

+

+

==Resources==

+

Download our [https://www.owasp.org/images/0/07/OWASP_Image_Toolbox.zip OWASP Image Toolbox]. This includes all of OWASP's branding images.

Slides presented at Global AppSec Conferences by the Global Board to provide a high level overview of OWASP and to highlight some of the key initiatives at a Global level. This can be presented in its current form at OWASP Chapter meetings to enable a clarification of the mission and purpose of the local chapter. This can also be used or sent to the press/media when looking for a "overview of owasp"

+

+

<b>[https://www.owasp.org/images/3/35/2012Whereweare..Wherearewegoing.pdf 2012 Where we are, Where we are going..]</b>

+

+

<b>[https://www.owasp.org/images/8/83/FINAL-OWASP_Global_Board_Update_AppSecUS11.ppt.pdf 2011 Where we are, Where we are going..]</b>

Revision as of 10:17, 13 September 2012

Philosophy

OWASP stands for informed security decisions based on a solid, comprehensive understanding of the business risk associated with an application. OWASP's philosophy is that achieving security involves all parts of an organization, including people, process, and technology. We support the use of our brand consistent with this philosophy. However, we cannot allow the use of our brand when it implies something inconsistent with OWASP's comprehensive and balanced approach to application security. Therefore, we have defined these brand usage rules to clarify appropriate and inappropriate uses of the OWASP brand, including our name, domain, logos, project names, and other trademarks.

Rules

The following rules make reference to the OWASP Materials, meaning any tools, documentation, or other content from OWASP. The rules also make reference to "OWASP Published Standards" which are currently in the process of being developed and released. Currently there are no OWASP Published Standards.

The OWASP Brand may be used to direct people to the OWASP website for information about application security.

The OWASP Brand may be used in commentary about the materials found on the OWASP website.

The OWASP Brand may be used by OWASP Members in good standing to promote a person or company's involvement in OWASP.

The OWASP Brand may be used in association with an application security assessment only if a complete and detailed methodology, sufficient to reproduce the results, is disclosed.

The OWASP Brand must not be used in a manner that suggests that The OWASP Foundation supports, advocates, or recommends any particular product or technology.

The OWASP Brand must not be used in a manner that suggests that a product or technology is compliant with any OWASP Materials other than an OWASP Published Standard.

The OWASP Brand must not be used in a manner that suggests that a product or technology can enable compliance with any OWASP Materials other than an OWASP Published Standard.

The OWASP Brand must not be used in any materials that could mislead readers by narrowly interpreting a broad application security category. For example, a vendor product that can find or protect against forced browsing must not claim that they address all of the access control category.

The OWASP Brand may be used by special arrangement with The OWASP Foundation.

Banners

Presentation

Slides presented at Global AppSec Conferences by the Global Board to provide a high level overview of OWASP and to highlight some of the key initiatives at a Global level. This can be presented in its current form at OWASP Chapter meetings to enable a clarification of the mission and purpose of the local chapter. This can also be used or sent to the press/media when looking for a "overview of owasp"